Information Infrastructure, Insight

01483 520 200

Citrix Environment Security Assessment

Since the first shipping of Multi-User in 1991, Citrix has grown in capability and usage as organisations take advantage of the many benefits of thin client technology for fat application deployments. By reducing administrative costs, improving control over the user environment and helping organisations conform to any number of legislative and regulatory standards, Citrix is well-known and extensively used in many organisations.

MTI Citrix Environment Security Assessment: Overview

MTI’s experience of testing over 100 Citrix installations has proved in every single test conducted that it is possible to abuse any number of misconfigurations, lockdown oversights, published applications or other software vulnerabilities to break out of the confined environment a user is placed into and access parts of the host or network that a citrix user was never intended to have access to.

Put simply, implementing Citrix without fully understanding how to adequately lockdown the environment can lead to high impact compromises of both the Citrix host and the network it resides on, MTI can help with Citrix Security.

The range of issues identified during assessments includes:

Gaining read/write access to sensitive financial and trading data (often resulting in a breach of PCI rules)
Gaining read/write access to restricted drives (breaching basic security principles)
Gaining access to administrator accounts and user passwords (breaching basic security principles)
Gaining full access to customer & business databases (breaching DPA & PCI requirements amongst others)
Ability to send any electronic information out of the business, avoiding content monitoring software (allowing simple data theft)
Ability to download arbitrary files to the host and install and run Trojan and backdoor hacking tools

We have seen that even for businesses who have invested a considerable amount of time, thought and attention in securing the Citrix platform, high risk vulnerabilities can still be found. As a result we feel confident to state that simply working from hardening guides is not sufficient to secure the Citrix /Windows environments. However, merely applying more and more mitigation measures can often target expenditure in the wrong areas and only address the symptoms, not the causes. Testing is therefore essential to identify the real issues and select the appropriate controls.

Next Steps...

If you would like more information regarding our Citrix Environment Security Assessment, please contact the MTI penetration testing team to discuss your requirements.

Request Call Back

Request Pricing

Document Downloads

Citrix Environment Security Review Whitepaper »

CHECK Green Light Member
Member of the Council of Registered Ethical Security Testers

Attend our #vmware #vcenter operations manager webcast on 11/6 and gain operations intelligence and compliance - find out more.

Seminar: MTI VSPEX Event at The Aberdeen Maritime Museum
Wed May 29 2013 - 1:30 PM
Location: The Aberdeen Maritime Museum

Seminar: MTI VSPEX Event at The National Motorcycle Museum with 451 Group
Thu Jun 06 2013 - 9:30 AM
Location: The National Motorcycle Museum

See all Events & Shows

Datacentres
MTI has established itself as a key partner for businesses looking to leverage skill and experience in the delivery of effective, high-value Datacentre solutions.
Secure Cloud Storage
The key differentiator that MTI brings to the marketplace with its Cloud offerings is the ability to design a bespoke Cloud solution that takes into account all the customers concerns and requirements.
IT Security
MTI is a trusted expert in delivering a full range of IT security solutions for your organisation as providing consultancy on data security regulations and offering accredited network penetration testing services.
Managed Services & Support
MTI is well-established as an experienced provider of a whole range of services that directly support the technology solutions that it provides to businesses throughout EMEA.
Meet the Management Team
The MTI Management Team includes some of the most experienced and respected figures in the IT industry and together they make a formidable force working on behalf of our partners.
Case Studies
Providing details of the different solutions that MTI has designed and deployed for its’ clients. In many cases clients have chosen to comment on the effectiveness and inherent value of the MTI approach.
Contact MTI
If you need advice, assitance or further information on our range of products or services don't hesitate to get in touch.

Call Back Request for	Citrix Environment Security Assessment
First Name*
Last Name*
Email
Phone*
Company*
Further Details

Pricing Request for	Citrix Environment Security Assessment
First Name*
Last Name*
Email*
Phone*
Company*
Further Details

Please submit your details below, then your download will begin:
First Name*
Last Name*
Email*
Phone*
Company*